Lucene search

K

PRIOn knowledge basePRION:CVE-2015-0828

HistoryFeb 25, 2015 - 11:59 a.m.

Double free

2015-02-2511:59:00

PRIOn knowledge base

www.prio-n.com

8

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.2%

Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.

CPENameOperatorVersion
firefoxeq13.0.1
firefoxeq14.0.1
firefoxeq18.0
firefoxeq0.1
firefoxeq10.0.7
firefoxeq4.0 beta6
firefoxeq4.0 beta1
firefoxeq3.6.2
firefoxeq19.0
firefoxeq0.8

Rows per page:

1-10 of 2351

References

lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html

lists.opensuse.org/opensuse-updates/2015-03/msg00067.html

www.mozilla.org/security/announce/2015/mfsa2015-18.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securityfocus.com/bid/72744

www.securitytracker.com/id/1031791

bugzilla.mozilla.org/show_bug.cgi?id=1030667

bugzilla.mozilla.org/show_bug.cgi?id=988675

security.gentoo.org/glsa/201504-01

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.2%

Related for PRION:CVE-2015-0828

mozilla1 cvelist1 nvd1 openvas6 cve1 ubuntucve1 nessus8 mageia1 kaspersky1 suse1 freebsd1 securityvulns1 gentoo1